/// @file auth_ao.h
/// @brief Authentication Active Object for the authentication system
///
/// This file defines the AuthAo class which handles authentication logic
/// and communicates with the UiAo and DbAo through events.

#ifndef AUTH_AO_H
#define AUTH_AO_H

#include "qpcpp.hpp"
#include "auth_events.h"

/// @class AuthAo
/// @brief Authentication Active Object
///
/// This class handles authentication logic and communicates with the UiAo
/// and DbAo through events. It processes authentication requests, validates
/// credentials, and manages sessions without direct database access.
class AuthAo : public QP::QActive
{
private:
    // Authentication state
    bool is_authenticated_;              ///< Current authentication status
    int current_user_id_;                ///< Current authenticated user ID
    std::string current_session_token_;  ///< Current session token

public:
    /// @brief Constructor
    AuthAo();

    /// @brief Get current authentication status
    /// @return true if authenticated, false otherwise
    bool isAuthenticated() const
    {
        return is_authenticated_;
    }

    /// @brief Get current user ID
    /// @return Current user ID if authenticated, -1 otherwise
    int getCurrentUserId() const
    {
        return is_authenticated_ ? current_user_id_ : -1;
    }

    /// @brief Get current session token
    /// @return Current session token if authenticated, empty string otherwise
    const std::string& getCurrentSessionToken() const
    {
        return current_session_token_;
    }

protected:
    /// @brief Initial state handler
    Q_STATE_DECL(initial);

    /// @brief Processing state handler
    Q_STATE_DECL(processing);

    /// @brief Waiting for database response state
    Q_STATE_DECL(waitingForDbResponse);

private:
    // State handler methods
    static QP::QState initial(AuthAo* const me, QP::QEvt const* const e);
    static QP::QState processing(AuthAo* const me, QP::QEvt const* const e);
    static QP::QState waitingForDbResponse(AuthAo* const me, QP::QEvt const* const e);

    // Helper methods for processing authentication operations
    void processLoginRequest(const LoginRequestEvt* const evt);
    void processRegisterRequest(const RegisterRequestEvt* const evt);
    void processLogoutRequest(const LogoutRequestEvt* const evt);
    void processSessionCheckRequest(const SessionCheckRequestEvt* const evt);

    // Helper methods for processing database responses
    void processDbUserFindResponseSuccess(const DbUserFindResponseSuccessEvt* const evt);
    void processDbUserFindResponseFailure(const QP::QEvt* const evt);
    void processDbUserCreateResponseSuccess(const DbUserCreateResponseSuccessEvt* const evt);
    void processDbUserCreateResponseFailure(const QP::QEvt* const evt);
    void processDbSessionCreateResponseSuccess(const DbSessionCreateResponseSuccessEvt* const evt);
    void processDbSessionCreateResponseFailure(const QP::QEvt* const evt);
    void processDbSessionRemoveResponseSuccess(const QP::QEvt* const evt);
    void processDbSessionRemoveResponseFailure(const QP::QEvt* const evt);
    void processDbSessionFindResponseSuccess(const DbSessionFindResponseSuccessEvt* const evt);
    void processDbSessionFindResponseFailure(const QP::QEvt* const evt);

    // Helper methods for password verification
    bool verifyPassword(const std::string& password, const std::string& hashed_password) const;
    std::string hashPassword(const std::string& password) const;

    // Helper methods for session management
    std::string generateSessionToken(int user_id) const;
};

/// @brief Global instance of the AuthAo
extern AuthAo* const the_AO_Auth;

#endif  // AUTH_AO_H